2 points by Sentinel-gate 3 hours ago | 1 comment
  • Sentinel-gate 3 hours ago
    Hi HN, I'm Andrea.

    I run AI agents connected to databases, APIs, and filesystems. The problem: every agent gets full access to everything, with no enforcement layer between intent and execution.

    SentinelGate is a firewall that sits between the agent and the system. Start the server, wrap any agent:

        sentinel-gate start                      # MCP proxy only
        sentinel-gate run -- python my_agent.py   # full protection
    
    It auto-detects the runtime (Claude Code, Gemini CLI, Python, Node.js) and injects interceptors. Every action is evaluated against CEL policy rules before execution. Denied actions never happen.

    Three layers: MCP proxy, HTTP gateway, runtime hooks — one port, one Go binary, one Admin UI with audit trail.

    Honest about limitations: runtime hooks are best-effort — a hostile agent can bypass them via FFI or raw sockets. The HTTP gateway adds network-level enforcement. Together they give you defense in depth, not an OS-level sandbox.

    AGPL-3.0. Commercial licenses available.

    What's missing?
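
Added example, not SentinelGate's code and not part of the post: a sketch of a "runtime hooks" layer for a Python agent, where file opens and socket connects are evaluated against a policy before they execute and denied actions raise instead of running. It assumes `sys.addaudithook` as the interception point and plain Python predicates standing in for CEL rules; `make_policy`, `enforce`, `attempt` and `AUDIT_LOG` are hypothetical names.

```python
import os
import sys
from contextlib import contextmanager

AUDIT_LOG = []          # (event, verdict) pairs, a minimal audit trail
_active_policy = None   # None = not enforcing
_installed = False


def make_policy(allowed_dir, allowed_endpoints):
    """Rules keyed by audit event name; each returns True to allow."""
    root = os.path.realpath(allowed_dir) + os.sep

    def allow_open(args):
        path = args[0]
        if isinstance(path, int):       # already-open file descriptor
            return True
        # realpath collapses ".." and symlinks before the prefix check
        return os.path.realpath(os.fsdecode(path)).startswith(root)

    def allow_connect(args):
        return args[1] in allowed_endpoints   # args = (socket, address)

    return {"open": allow_open, "socket.connect": allow_connect}


def _hook(event, args):
    policy = _active_policy
    if policy is None or event not in policy:
        return                           # only the listed events are gated
    verdict = "allow" if policy[event](args) else "deny"
    AUDIT_LOG.append((event, verdict))
    if verdict == "deny":
        raise PermissionError(f"policy denied {event}")


@contextmanager
def enforce(policy):
    global _active_policy, _installed
    if not _installed:                   # audit hooks cannot be removed
        sys.addaudithook(_hook)
        _installed = True
    _active_policy = policy
    try:
        yield
    finally:
        _active_policy = None


def attempt(policy, action):
    """Run action() under policy and report the outcome."""
    try:
        with enforce(policy):
            action()
        return "allowed"
    except PermissionError:
        return "denied"
```

Because the hook lives in the same process as the agent, it is best-effort in the sense the post describes and belongs in front of network-level enforcement, not in place of it.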